5 information security trends that will dominate 2016

Every year, it seems, the threats posed by cybercriminals evolve into new and more dangerous forms while security organizations struggle to keep up. As 2015 draws to a close, we can expect the size, severity and complexity of cyber threats to continue increasing in 2016, says Steve Durbin, managing director of the Information Security Forum (ISF), a nonprofit association that assesses security and risk management issues on behalf of its members. "For me, 2016 is probably the year of cyber risk," Durbin says. "I say that because increasingly I think we are seeing a raised level awareness about the fact that operating in cyber brings about its own peculiarities."

Juniper updates list of backdoored enterprise firewall OS versions

Juniper revised the list of ScreenOS versions that contain a backdoor allowing attackers to bypass authentication and gain administrative access to NetScreen enterprise firewall devices. The networking equipment manufacturer announced last week that it found, during an internal audit, two instances where rogue code was added to its ScreenOS operating system without authorization. The code could be used by attackers to gain privileged access to NetScreen firewall devices and to decrypt VPN connections. The company said at the time that ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 were vulnerable, but an analysis by researchers from security firm Rapid7 revealed that not all listed versions are vulnerable to both issues.

Docs Spotlight: Keeping the FM in RTFM

Crafting and maintaining high-quality documentation is something we all know is very important. Reputable documentation is much more than the result of fantastic product or project management - especially when we're talking about community-driven documentation. Open source communities in particular like to reference "RTFM" (Read the Fine Manual, for the cleaner acronym explanation), but that's only helpful when the "Fine Manual" contains quality documentation. For projects like Ansible, it is our active users that make all the difference, and with their contributions and efforts we are able to help provide the great documentation that supports Ansible. But that also comes with some caveats.

Many people contribute to open source projects so that they may "scratch their own itch." Whether this works well or creates clunky and cluttered code is not up for debate in this blog post, but how well it works in relation to open source documentation is debatable. Often contributions boil down to very bare-bones coverage of a feature or implementation; other times the only contribution made is a typo fix. And while even the small fixes are helpful, these are not the contributions that make the docs great (better, yes, but not yet reaching […]

OED Tools: NetSetMan

The problem: I manage many networks and quite often I work at customer sites. For every site I need an IP address, gateway, Wi-Fi network, sometimes proxy, a printer and many other unique network settings. Changing the IP address on Windows is a process that takes too much time and many clicks. The automation I used […]

What’s inside net/http? Late binding in the Go standard library

It's well known that we're heavy users of the Go programming language at CloudFlare. Our work often involves delving into the standard library source code to understand internal code paths, error handling and performance characteristics.

Recently, I looked at how the standard library's built-in HTTP client handles connections to remote servers in order to provide minimal roundtrip latency.

[Image: athletics track. CC BY 2.0, image by Dean Hochman]

Connection pooling

A common pattern that aims to avoid connection setup costs (such as the TCP handshake and TLS setup) and confer control over the number of concurrently established connections is to pool them. net/http maintains a pool of connections to each remote host which supports Connection: keep-alive. The default size of the pool is two idle connections per remote host.

More interestingly, when you make a request with net/http, a race happens. Races in code are often an unwanted side effect, but in this case it's intentional. Two goroutines operate in parallel: one that tries to dial a connection to the remote host, and another which tries to retrieve an idle connection from the connection pool. The fastest goroutine wins.

To illustrate, let's look at the code executed when transport.RoundTrip(req) is […]

10 more Raspberry Pi projects primed for IT

The Raspberry Pi was created as an educational platform but has become one of the most popular embedded systems platforms on earth with a full copy of Linux and a rabid community of DIY-minded developers. That combination alone makes the Raspberry Pi a natural fit for hacking together enterprise IT applications and devices. Add in its low cost and the ready availability of open source solutions, and you can quickly see how previously expensive systems and devices are suddenly within reach of IT departments willing to experiment with Raspberry Pi, as my first foray into DIY IT Raspberry Pi projects showed.

Essential data points for the tech year ahead

Ready, set, disrupt! If an overarching conclusion can be drawn from the results of Computerworld's Forecast survey of 182 IT professionals, it's that 2016 is shaping up to be the year of IT as a change agent. IT is poised to move fully to the center of the business in 2016, as digital transformation becomes a top strategic priority. CIOs and their tech organizations are well positioned to drive that change, thanks to IT budget growth, head count increases and a pronounced shift toward strategic spending.

IT pros brace for lost devices, access problems, on-call holidays

More than half (56%) of IT pros will be on-call or working during the holidays to troubleshoot tech problems, according to network management vendor Ipswitch. Past experience shows it’s necessary: among 378 IT pros surveyed, 38% say they’ve experienced a major network outage during a holiday break. Here are some additional findings from Ipswitch’s third annual "Happy Holidays?" survey:

Days expected to be on-call or working
• Christmas Eve: cited by 29%
• Christmas Day: 11%
• New Year’s Eve: 11%
• New Year’s Day: 5%

Network World’s 20 Best Products of 2015

Tough to choose. With so many great products on the market, it’s hard to pick the best ones. So we asked our experts, Network World’s independent product reviewers and bloggers, to list their favorite products of 2015. What we got back was a list that covers the full spectrum of the networking world, with a little entertainment and gaming thrown in.

New products of the week 12.21.2015

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

CloudBerry Backup for Mac OS and Linux OS Freeware. Key features: CloudBerry Backup for Mac and Linux provides flexible scheduling options and retention policies, email notifications, as well as support for MS Azure, Amazon S3 including Standard-IA storage class.

Tim Cook says there isn’t a trade-off between security and privacy

In a strong defense of encryption, Apple's CEO Tim Cook said that there was no trade-off between privacy and national security when it comes to encryption. "I think that's an overly simplistic view. We're America. We should have both," he told Charlie Rose on CBS' 60 Minutes program on Sunday, according to a transcript of the interview posted online. Cook said that people should be able to protect their personal data on their smartphones, such as health and financial information, intimate conversations with family and co-workers, and possibly business secrets.